Hi Alll,
So i got the DMVPN working but it randomly at least once per 2 days it will disconnect and the tunnel needs 10 minutes to restore. When i check the logging i don’t see anything unusual but maybe am missing something.
We use PRTG as our network monitor so we see these tunnels go down randomly on all the spokes. All the spokes have the same configuration. We can also see that when the tunnel breaks the internet line not being over utilized, most cases not used of 10% of its capacity.
Apr 11 21:25:03 ACS0002-CE1 charon: 07[NET] sending packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:25:03 ACS0002-CE1 charon: 14[NET] received packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:25:03 ACS0002-CE1 charon: 14[ENC] parsed INFORMATIONAL_V1 request 2644674311 [ HASH N(DPD_ACK) ]
Apr 11 21:25:08 ACS0002-CE1 charon: 15[IKE] sending DPD request
Apr 11 21:25:08 ACS0002-CE1 charon: 15[ENC] generating INFORMATIONAL_V1 request 3592327148 [ HASH N(DPD) ]
Apr 11 21:25:08 ACS0002-CE1 charon: 15[NET] sending packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:25:08 ACS0002-CE1 charon: 12[NET] received packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:25:08 ACS0002-CE1 charon: 12[ENC] parsed INFORMATIONAL_V1 request 3344920149 [ HASH N(DPD_ACK) ]
Apr 11 21:25:15 ACS0002-CE1 charon: 05[NET] received packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:25:15 ACS0002-CE1 charon: 05[ENC] parsed INFORMATIONAL_V1 request 3983627467 [ HASH N(DPD) ]
Apr 11 21:25:15 ACS0002-CE1 charon: 05[ENC] generating INFORMATIONAL_V1 request 2947651394 [ HASH N(DPD_ACK) ]
Apr 11 21:25:15 ACS0002-CE1 charon: 05[NET] sending packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:25:19 ACS0002-CE1 charon: 11[NET] received packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:25:19 ACS0002-CE1 charon: 11[ENC] parsed INFORMATIONAL_V1 request 406518158 [ HASH N(DPD) ]
Apr 11 21:25:19 ACS0002-CE1 charon: 11[ENC] generating INFORMATIONAL_V1 request 1707657265 [ HASH N(DPD_ACK) ]
Apr 11 21:25:19 ACS0002-CE1 charon: 11[NET] sending packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:25:29 ACS0002-CE1 charon: 16[NET] received packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:25:29 ACS0002-CE1 charon: 16[ENC] parsed INFORMATIONAL_V1 request 3520692095 [ HASH N(DPD) ]
Apr 11 21:25:29 ACS0002-CE1 charon: 16[ENC] generating INFORMATIONAL_V1 request 1311576585 [ HASH N(DPD_ACK) ]
Apr 11 21:25:29 ACS0002-CE1 charon: 16[NET] sending packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:25:40 ACS0002-CE1 charon: 13[IKE] sending DPD request
Apr 11 21:25:40 ACS0002-CE1 charon: 13[ENC] generating INFORMATIONAL_V1 request 3462665201 [ HASH N(DPD) ]
Apr 11 21:25:40 ACS0002-CE1 charon: 13[NET] sending packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:25:40 ACS0002-CE1 charon: 06[NET] received packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:25:40 ACS0002-CE1 charon: 06[ENC] parsed INFORMATIONAL_V1 request 1046720514 [ HASH N(DPD_ACK) ]
Apr 11 21:25:44 ACS0002-CE1 charon: 05[NET] received packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:25:44 ACS0002-CE1 charon: 05[ENC] parsed INFORMATIONAL_V1 request 3294605962 [ HASH N(DPD) ]
Apr 11 21:25:44 ACS0002-CE1 charon: 05[ENC] generating INFORMATIONAL_V1 request 1814916764 [ HASH N(DPD_ACK) ]
Apr 11 21:25:44 ACS0002-CE1 charon: 05[NET] sending packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:25:50 ACS0002-CE1 charon: 14[NET] received packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:25:50 ACS0002-CE1 charon: 14[ENC] parsed INFORMATIONAL_V1 request 1020056780 [ HASH N(DPD) ]
Apr 11 21:25:50 ACS0002-CE1 charon: 14[ENC] generating INFORMATIONAL_V1 request 258868741 [ HASH N(DPD_ACK) ]
Apr 11 21:25:50 ACS0002-CE1 charon: 14[NET] sending packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:25:56 ACS0002-CE1 charon: 12[NET] received packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:25:56 ACS0002-CE1 charon: 12[ENC] parsed INFORMATIONAL_V1 request 4175071116 [ HASH N(DPD) ]
Apr 11 21:25:56 ACS0002-CE1 charon: 12[ENC] generating INFORMATIONAL_V1 request 3737562783 [ HASH N(DPD_ACK) ]
Apr 11 21:25:56 ACS0002-CE1 charon: 12[NET] sending packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:26:15 ACS0002-CE1 charon: 13[NET] received packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Apr 11 21:26:15 ACS0002-CE1 charon: 13[ENC] parsed INFORMATIONAL_V1 request 3219509604 [ HASH N(DPD) ]
Apr 11 21:26:15 ACS0002-CE1 charon: 13[ENC] generating INFORMATIONAL_V1 request 1118370615 [ HASH N(DPD_ACK) ]
Apr 11 21:26:15 ACS0002-CE1 charon: 13[NET] sending packet: from IP_ADDRESS[500] to IP_ADDRESS[500] (108 bytes)
Am curious what causes the issue.
Rufat
April 11, 2022, 7:29pm
2
Hello @Arpanet69 , can you tell me which version you are using?
Hi Rufat,
Am using the following version for all my spokes and hubs:
Thanks!
Rufat
April 13, 2022, 7:21pm
4
@Arpanet69 I think you should look at the logs on both Hub and Spoke when you have a problem. Usually this problem can be in several parts. Please send hub dmvpn configurations and logs with any spokes? Also, what type of connection do you use for dmvpn?
HUB:
set interfaces tunnel tun0 address '172.16.0.1/16'
set interfaces tunnel tun0 encapsulation 'gre'
set interfaces tunnel tun0 mtu '1400'
set interfaces tunnel tun0 multicast 'enable'
set interfaces tunnel tun0 parameters ip key '1'
set interfaces tunnel tun0 source-address 'WAN_IP_ADDRESS'
set protocols nhrp tunnel tun0 cisco-authentication 'PASSWORD'
set protocols nhrp tunnel tun0 holding-time '300'
set protocols nhrp tunnel tun0 multicast 'dynamic'
set protocols nhrp tunnel tun0 redirect
set vpn ipsec esp-group ESP-ANTECH compression 'disable'
set vpn ipsec esp-group ESP-ANTECH lifetime '1800'
set vpn ipsec esp-group ESP-ANTECH mode 'transport'
set vpn ipsec esp-group ESP-ANTECH pfs 'dh-group16'
set vpn ipsec esp-group ESP-ANTECH proposal 1 encryption 'aes256'
set vpn ipsec esp-group ESP-ANTECH proposal 1 hash 'sha256'
set vpn ipsec ike-group IKE-ANTECH close-action 'none'
set vpn ipsec ike-group IKE-ANTECH dead-peer-detection action 'restart'
set vpn ipsec ike-group IKE-ANTECH dead-peer-detection interval '3'
set vpn ipsec ike-group IKE-ANTECH dead-peer-detection timeout '30'
set vpn ipsec ike-group IKE-ANTECH ikev2-reauth 'no'
set vpn ipsec ike-group IKE-ANTECH key-exchange 'ikev1'
set vpn ipsec ike-group IKE-ANTECH lifetime '3600'
set vpn ipsec ike-group IKE-ANTECH proposal 1 dh-group '16'
set vpn ipsec ike-group IKE-ANTECH proposal 1 encryption 'aes256'
set vpn ipsec ike-group IKE-ANTECH proposal 1 hash 'sha256'
set vpn ipsec ipsec-interfaces interface 'eth0'
set vpn ipsec profile NHRPVPN authentication mode 'pre-shared-secret'
set vpn ipsec profile NHRPVPN authentication pre-shared-secret 'PASSWORD'
set vpn ipsec profile NHRPVPN bind tunnel 'tun0'
set vpn ipsec profile NHRPVPN esp-group 'ESP-ANTECH'
set vpn ipsec profile NHRPVPN ike-group 'IKE-ANTECH'
SPOKE:
set interfaces tunnel tun0 address '172.16.0.25/16'
set interfaces tunnel tun0 encapsulation 'gre'
set interfaces tunnel tun0 mtu '1400'
set interfaces tunnel tun0 multicast 'enable'
set interfaces tunnel tun0 parameters ip key '1'
set interfaces tunnel tun0 policy route 'MSS_TUNNEL'
set interfaces tunnel tun0 source-address 'WAN_IP_ADDRESS'
set protocols nhrp tunnel tun0 cisco-authentication 'PASSWORD'
set protocols nhrp tunnel tun0 holding-time '300'
set protocols nhrp tunnel tun0 map 172.16.0.1/16 nbma-address 'WAN_HUB_IP'
set protocols nhrp tunnel tun0 map 172.16.0.1/16 register
set protocols nhrp tunnel tun0 multicast 'nhs'
set protocols nhrp tunnel tun0 redirect
set protocols nhrp tunnel tun0 shortcut
set vpn ipsec esp-group ESP-ANTECH compression 'disable'
set vpn ipsec esp-group ESP-ANTECH lifetime '1800'
set vpn ipsec esp-group ESP-ANTECH mode 'transport'
set vpn ipsec esp-group ESP-ANTECH pfs 'dh-group16'
set vpn ipsec esp-group ESP-ANTECH proposal 1 encryption 'aes256'
set vpn ipsec esp-group ESP-ANTECH proposal 1 hash 'sha256'
set vpn ipsec ike-group IKE-ANTECH close-action 'none'
set vpn ipsec ike-group IKE-ANTECH dead-peer-detection action 'restart'
set vpn ipsec ike-group IKE-ANTECH dead-peer-detection interval '3'
set vpn ipsec ike-group IKE-ANTECH dead-peer-detection timeout '30'
set vpn ipsec ike-group IKE-ANTECH ikev2-reauth 'no'
set vpn ipsec ike-group IKE-ANTECH key-exchange 'ikev1'
set vpn ipsec ike-group IKE-ANTECH lifetime '3600'
set vpn ipsec ike-group IKE-ANTECH proposal 1 dh-group '16'
set vpn ipsec ike-group IKE-ANTECH proposal 1 encryption 'aes256'
set vpn ipsec ike-group IKE-ANTECH proposal 1 hash 'sha256'
set vpn ipsec ipsec-interfaces interface 'pppoe0'
set vpn ipsec profile NHRPVPN authentication mode 'pre-shared-secret'
set vpn ipsec profile NHRPVPN authentication pre-shared-secret 'PASSWORD'
set vpn ipsec profile NHRPVPN bind tunnel 'tun0'
set vpn ipsec profile NHRPVPN esp-group 'ESP-ANTECH'
set vpn ipsec profile NHRPVPN ike-group 'IKE-ANTECH'
set policy route MSS_TUNNEL description 'MSS_TUNNEL'
set policy route MSS_TUNNEL rule 10 protocol 'tcp'
set policy route MSS_TUNNEL rule 10 set tcp-mss '1360'
set policy route MSS_TUNNEL rule 10 tcp flags 'SYN'
set policy route MSS description 'MSS'
set policy route MSS rule 5 protocol 'tcp'
set policy route MSS rule 5 set tcp-mss '1452'
set policy route MSS rule 5 tcp flags 'SYN'
Logs will follow when i catch the issue.
Thanks!
Following thing i noticed in the log around the outage is the following:
Apr 18 20:48:44 ACS0001-CE1 charon: 14[NET] <dmvpn-NHRPVPN-tun0|227> sending packet: from LOCALIP[500] to HUBIP[500] (108 bytes)
Apr 18 20:48:45 ACS0001-CE1 charon: 05[KNL] creating delete job for CHILD_SA ESP/0xc7515fac/LOCALIP
Apr 18 20:48:45 ACS0001-CE1 charon: 05[IKE] <dmvpn-NHRPVPN-tun0|227> closing expired CHILD_SA dmvpn{447} with SPIs c7515fac_i c4aec80a_o and TS LOCALIP/32[gre] === HUBIP/32[gre]
Apr 18 20:48:45 ACS0001-CE1 charon: 05[IKE] <dmvpn-NHRPVPN-tun0|227> sending DELETE for ESP CHILD_SA with SPI c7515fac
Apr 18 20:48:45 ACS0001-CE1 charon: 05[ENC] <dmvpn-NHRPVPN-tun0|227> generating INFORMATIONAL_V1 request 2379804127 [ HASH D ]
Apr 18 20:48:45 ACS0001-CE1 charon: 05[NET] <dmvpn-NHRPVPN-tun0|227> sending packet: from LOCALIP[500] to HUBIP[500] (92 bytes)
Apr 18 20:48:45 ACS0001-CE1 charon: 05[KNL] creating delete job for CHILD_SA ESP/0xc4aec80a/HUBIP
Apr 18 20:48:45 ACS0001-CE1 charon: 05[JOB] CHILD_SA ESP/0xc4aec80a/HUBIP not found for delete
Rufat
April 19, 2022, 3:41pm
7
@Arpanet69 Can you share the results of the following commands on the hub and any spoke device?show configuration | strip-private journalctl -x
HUB
antech@AC-DC1-PE1:~$ show configuration | strip-private
interfaces {
ethernet eth0 {
address xxx.xxx.183.218/30
description WAN
}
ethernet eth1 {
description VSWITCH
vif 20 {
address xxx.xxx.20.1/24
description MNG
}
vif 30 {
address xxx.xxx.30.1/24
description SIP
}
}
ethernet eth2 {
address xxx.xxx.10.1/24
description PVE-MNG
}
loopback lo {
}
tunnel tun0 {
address xxx.xxx.0.1/16
encapsulation gre
mtu 1400
multicast enable
parameters {
ip {
key xxxxxx
}
}
source-address xxx.xxx.183.218
}
}
nat {
destination {
rule 10 {
description "PRTG SERVER"
destination {
port 443
}
inbound-interface eth0
protocol tcp
translation {
address xxx.xxx.20.10
}
}
rule 11 {
description "JUMP HOST Antech"
destination {
port 3389
}
inbound-interface eth0
protocol tcp
translation {
address xxx.xxx.20.5
}
}
}
source {
rule 101 {
outbound-interface eth0
translation {
address masquerade
}
}
}
}
protocols {
nhrp {
tunnel tun0 {
cisco-authentication **********
holding-time 300
multicast dynamic
redirect
}
}
ospf {
area 0 {
network xxx.xxx.0.0/16
}
redistribute {
static {
metric-type 2
}
}
}
static {
route xxx.xxx.0.0/0 {
next-hop xxx.xxx.183.217 {
}
}
route xxx.xxx.0.0/22 {
next-hop xxx.xxx.0.25 {
}
}
route xxx.xxx.4.0/22 {
next-hop xxx.xxx.0.27 {
}
}
route xxx.xxx.8.0/22 {
next-hop xxx.xxx.0.29 {
}
}
}
}
service {
snmp {
contact "Antech Cloud"
listen-address xxx.xxx.20.1 {
port 161
}
location xxxxxx
v3 {
engineid 000000000000000000000002
group ANTECH-GRP {
mode ro
view ANTECH-VIEW
}
user xxxxxx {
auth {
encrypted-password xxxxxx
type sha
}
group ANTECH-GRP
privacy {
encrypted-password xxxxxx
type aes
}
}
view ANTECH-VIEW {
oid 1 {
}
}
}
}
ssh {
}
}
system {
config-management {
commit-revisions 100
}
console {
device ttyS0 {
speed 115200
}
}
host-name xxxxxx
login {
user xxxxxx {
authentication {
encrypted-password xxxxxx
plaintext-password xxxxxx
}
}
user xxxxxx {
authentication {
encrypted-password xxxxxx
plaintext-password xxxxxx
}
}
}
ntp {
server xxxxx.tld {
}
server xxxxx.tld {
}
server xxxxx.tld {
}
server xxxxx.tld {
}
}
syslog {
global {
facility all {
level info
}
facility protocols {
level debug
}
}
}
time-zone Europe/Amsterdam
}
vpn {
ipsec {
esp-group ESP-ANTECH {
compression disable
lifetime 1800
mode transport
pfs dh-group16
proposal 1 {
encryption aes256
hash sha256
}
}
ike-group IKE-ANTECH {
close-action none
dead-peer-detection {
action restart
interval 3
timeout 30
}
ikev2-reauth no
key-exchange ikev1
lifetime 3600
proposal 1 {
dh-group 16
encryption aes256
hash sha256
}
}
ipsec-interfaces {
interface eth0
}
profile NHRPVPN {
authentication {
mode pre-shared-secret
pre-shared-secret xxxxxx
}
bind {
tunnel tun0
}
esp-group ESP-ANTECH
ike-group IKE-ANTECH
}
}
}
SPOKE
antech@ACS0001-CE1:~$ show configuration | strip-private
high-availability {
vrrp {
group DATA-LAN {
hello-source-address xxx.xxx.0.1
interface eth0.20
peer-address xxx.xxx.0.2
preempt-delay 180
priority 200
virtual-address xxx.xxx.0.3/24
vrid 20
}
group GUEST-LAN {
hello-source-address xxx.xxx.99.1
interface eth0.99
peer-address xxx.xxx.99.2
preempt-delay 180
priority 200
virtual-address xxx.xxx.99.3/24
vrid 99
}
group IOT-LAN {
hello-source-address xxx.xxx.2.1
interface eth0.40
peer-address xxx.xxx.2.2
preempt-delay 180
priority 200
virtual-address xxx.xxx.2.3/25
vrid 40
}
group MNG-LAN {
hello-source-address xxx.xxx.3.129
interface eth0.70
peer-address xxx.xxx.3.130
preempt-delay 180
priority 200
virtual-address xxx.xxx.3.131/25
vrid 70
}
group SERVER-LAN {
hello-source-address xxx.xxx.3.1
interface eth0.60
peer-address xxx.xxx.3.2
preempt-delay 180
priority 200
virtual-address xxx.xxx.3.3/25
vrid 60
}
group VOICE-LAN {
hello-source-address xxx.xxx.1.1
interface eth0.30
peer-address xxx.xxx.1.2
preempt-delay 180
priority 200
virtual-address xxx.xxx.1.3/24
vrid 30
}
group VPN-LAN {
hello-source-address xxx.xxx.2.129
interface eth0.50
peer-address xxx.xxx.2.130
preempt-delay 180
priority 200
virtual-address xxx.xxx.2.131/25
vrid 50
}
}
}
interfaces {
ethernet eth0 {
hw-id XX:XX:XX:XX:XX:84
vif 6 {
description INET1-PPPOE
}
vif 10 {
address xxx.xxx.1.10/24
description INET2-DHCP
disable
}
vif 20 {
address xxx.xxx.0.1/24
description DATA
policy {
route MSS
}
}
vif 30 {
address xxx.xxx.1.1/24
description VOICE
policy {
route MSS
}
}
vif 40 {
address xxx.xxx.2.1/25
description IOT
policy {
route MSS
}
}
vif 50 {
address xxx.xxx.2.129/25
description VPN
policy {
route MSS
}
}
vif 60 {
address xxx.xxx.3.1/25
description SERVER
policy {
route MSS
}
}
vif 70 {
address xxx.xxx.3.129/25
description MNG
policy {
route MSS
}
}
vif 99 {
address xxx.xxx.99.1/24
description GUEST
policy {
route MSS
}
vrf INTERNET
}
}
loopback lo {
}
pppoe pppoe0 {
authentication {
password xxxxxx
user xxxxxx
}
default-route force
description XDSL
firewall {
in {
}
local {
}
out {
}
}
mtu 1492
policy {
route MSS
}
source-interface eth0.6
}
tunnel tun0 {
address xxx.xxx.0.25/16
encapsulation gre
mtu 1400
multicast enable
parameters {
ip {
key xxxxxx
}
}
policy {
route MSS_TUNNEL
}
source-address xxx.xxx.155.107
}
wireless wlan0 {
hw-id XX:XX:XX:XX:XX:86
physical-device phy0
}
}
load-balancing {
wan {
flush-connections
interface-health eth0.10 {
failure-count 3
nexthop xxx.xxx.1.254
success-count 3
test 1 {
resp-time 5
target xxx.xxx.8.8
ttl-limit 16
}
}
interface-health pppoe0 {
failure-count 3
nexthop dhcp
success-count 3
test 1 {
resp-time 5
target xxx.xxx.8.8
ttl-limit 16
}
}
rule 1 {
failover
inbound-interface et0.20
interface eth0.10 {
weight 1
}
interface pppoe0 {
weight 2
}
protocol all
}
}
}
nat {
destination {
rule 10 {
description "PROXMOX SERVER"
destination {
port 8006
}
inbound-interface pppoe0
protocol tcp
translation {
address xxx.xxx.3.10
}
}
}
source {
rule 6 {
outbound-interface pppoe0
translation {
address masquerade
}
}
rule 10 {
outbound-interface eth0.10
translation {
address masquerade
}
}
}
}
policy {
route MSS {
description MSS
rule 5 {
protocol tcp
set {
tcp-mss 1452
}
tcp {
flags SYN
}
}
}
route MSS_TUNNEL {
description MSS_TUNNEL
rule 10 {
protocol tcp
set {
tcp-mss 1360
}
tcp {
flags SYN
}
}
}
}
protocols {
nhrp {
tunnel tun0 {
cisco-authentication *********
holding-time 300
map xxx.xxx.0.1/16 {
nbma-address xxx.xxx.183.218
register
}
multicast nhs
redirect
shortcut
}
}
ospf {
area 0 {
network xxx.xxx.0.0/22
}
redistribute {
static {
metric-type 2
}
}
}
static {
interface-route xxx.xxx.0.0/0 {
next-hop-interface pppoe0 {
}
}
route xxx.xxx.0.0/16 {
next-hop xxx.xxx.0.1 {
}
}
}
}
service {
dhcp-server {
shared-network-name xxxxxx {
subnet xxx.xxx.0.0/24 {
default-router xxx.xxx.0.3
dns-server xxx.xxx.222.222
dns-server xxx.xxx.220.220
lease 86400
range 0 {
start xxx.xxx.0.25
stop xxx.xxx.0.250
}
}
}
shared-network-name xxxxxx {
subnet xxx.xxx.99.0/24 {
default-router xxx.xxx.99.3
dns-server xxx.xxx.8.8
dns-server xxx.xxx.4.4
lease 86400
range 0 {
start xxx.xxx.99.25
stop xxx.xxx.99.250
}
}
}
shared-network-name xxxxxx {
subnet xxx.xxx.2.0/25 {
default-router xxx.xxx.2.3
dns-server xxx.xxx.222.222
dns-server xxx.xxx.220.220
lease 86400
range 0 {
start xxx.xxx.2.20
stop xxx.xxx.2.120
}
}
}
shared-network-name xxxxxx {
subnet xxx.xxx.3.0/25 {
default-router xxx.xxx.3.3
dns-server xxx.xxx.222.222
dns-server xxx.xxx.220.220
lease 86400
range 0 {
start xxx.xxx.3.100
stop xxx.xxx.3.120
}
}
}
shared-network-name xxxxxx {
subnet xxx.xxx.1.0/24 {
default-router xxx.xxx.1.3
dns-server xxx.xxx.222.222
dns-server xxx.xxx.220.220
lease 86400
range 0 {
start xxx.xxx.1.25
stop xxx.xxx.1.250
}
}
}
shared-network-name xxxxxx {
subnet xxx.xxx.2.128/25 {
default-router xxx.xxx.2.131
dns-server xxx.xxx.222.222
dns-server xxx.xxx.220.220
lease 86400
range 0 {
start xxx.xxx.2.150
stop xxx.xxx.2.250
}
}
}
}
lldp {
interface all {
}
interface eth0.6 {
disable
}
interface eth0.10 {
disable
}
interface pppoe0 {
disable
}
legacy-protocols {
cdp
}
}
snmp {
contact "Antech"
listen-address xxx.xxx.3.129 {
port 161
}
location xxxxxx
v3 {
engineid 000000000000000000000002
group ANTECH-GRP {
mode ro
view ANTECH-VIEW
}
user xxxxxx {
auth {
encrypted-password xxxxxx
type sha
}
group ANTECH-GRP
privacy {
encrypted-password xxxxxx
type aes
}
}
view ANTECH-VIEW {
oid 1 {
}
}
}
}
ssh {
}
}
system {
config-management {
commit-revisions 100
}
console {
device ttyS0 {
speed 115200
}
}
flow-accounting {
interface eth0.6
netflow {
engine-id 10
server xxxxx.tld {
port 2055
}
timeout {
expiry-interval 120
}
version 9
}
}
host-name xxxxxx
login {
banner {
post-login "This system is restricted."
}
user xxxxxx {
authentication {
encrypted-password xxxxxx
}
}
}
name-server xxx.xxx.222.222
ntp {
server xxxxx.tld {
}
server xxxxx.tld {
}
server xxxxx.tld {
}
server xxxxx.tld {
}
}
syslog {
global {
facility all {
level info
}
facility protocols {
level debug
}
}
host xxx.xxx.20.10 {
facility all {
level warning
}
port 514
}
}
time-zone Europe/Amsterdam
}
vpn {
ipsec {
esp-group ESP-ANTECH {
compression disable
lifetime 1800
mode transport
pfs dh-group16
proposal 1 {
encryption aes256
hash sha256
}
}
ike-group IKE-ANTECH {
close-action none
dead-peer-detection {
action restart
interval 3
timeout 30
}
ikev2-reauth no
key-exchange ikev1
lifetime 3600
proposal 1 {
dh-group 16
encryption aes256
hash sha256
}
}
ipsec-interfaces {
interface pppoe0
}
profile NHRPVPN {
authentication {
mode pre-shared-secret
pre-shared-secret xxxxxx
}
bind {
tunnel tun0
}
esp-group ESP-ANTECH
ike-group IKE-ANTECH
}
}
}
vrf {
name INTERNET {
description GUEST-TRAFFIC-OUT
table 100
}
}
antech@ACS0001-CE1:~$
Journal:
Spoke
--
-- A start job for unit serial-getty@ttyS0.service has finished successfully.
--
-- The job identifier is 3468994.
Apr 19 18:08:19 ACS0001-CE1 agetty[16181]: /dev/ttyS0: not a tty
Apr 19 18:08:22 ACS0001-CE1 charon[2387]: 05[NET] <dmvpn-NHRPVPN-tun0|252> received packet: from 95.97.183.218[500] to 77.61.155.107[500] (108 bytes)
Apr 19 18:08:22 ACS0001-CE1 charon[2387]: 05[ENC] <dmvpn-NHRPVPN-tun0|252> parsed INFORMATIONAL_V1 request 2655902784 [ HASH N(DPD) ]
Apr 19 18:08:22 ACS0001-CE1 charon[2387]: 05[ENC] <dmvpn-NHRPVPN-tun0|252> generating INFORMATIONAL_V1 request 3666027598 [ HASH N(DPD_ACK) ]
Apr 19 18:08:22 ACS0001-CE1 charon[2387]: 05[NET] <dmvpn-NHRPVPN-tun0|252> sending packet: from 77.61.155.107[500] to 95.97.183.218[500] (108 bytes)
Apr 19 18:08:24 ACS0001-CE1 wan_lb[2773]: wan_lb: error on sending icmp packet: 101
Apr 19 18:08:27 ACS0001-CE1 charon[2387]: 10[NET] <dmvpn-NHRPVPN-tun0|252> received packet: from 95.97.183.218[500] to 77.61.155.107[500] (108 bytes)
Apr 19 18:08:27 ACS0001-CE1 charon[2387]: 10[ENC] <dmvpn-NHRPVPN-tun0|252> parsed INFORMATIONAL_V1 request 2910721468 [ HASH N(DPD) ]
Apr 19 18:08:27 ACS0001-CE1 charon[2387]: 10[ENC] <dmvpn-NHRPVPN-tun0|252> generating INFORMATIONAL_V1 request 1245478140 [ HASH N(DPD_ACK) ]
Apr 19 18:08:27 ACS0001-CE1 charon[2387]: 10[NET] <dmvpn-NHRPVPN-tun0|252> sending packet: from 77.61.155.107[500] to 95.97.183.218[500] (108 bytes)
Apr 19 18:08:29 ACS0001-CE1 systemd[1]: serial-getty@ttyS0.service: Succeeded.
-- Subject: Unit succeeded
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- The unit serial-getty@ttyS0.service has successfully entered the 'dead' state.
Apr 19 18:08:29 ACS0001-CE1 systemd[1]: serial-getty@ttyS0.service: Service RestartSec=100ms expired, scheduling restart.
Apr 19 18:08:29 ACS0001-CE1 systemd[1]: serial-getty@ttyS0.service: Scheduled restart job, restart counter is at 66672.
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Automatic restarting of the unit serial-getty@ttyS0.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Apr 19 18:08:29 ACS0001-CE1 systemd[1]: Stopped Serial Getty on ttyS0.
-- Subject: A stop job for unit serial-getty@ttyS0.service has finished
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A stop job for unit serial-getty@ttyS0.service has finished.
--
-- The job identifier is 3469046 and the job result is done.
Apr 19 18:08:29 ACS0001-CE1 systemd[1]: Started Serial Getty on ttyS0.
-- Subject: A start job for unit serial-getty@ttyS0.service has finished successfully
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A start job for unit serial-getty@ttyS0.service has finished successfully.
--
-- The job identifier is 3469046.
Apr 19 18:08:29 ACS0001-CE1 agetty[16186]: /dev/ttyS0: not a tty
Apr 19 18:08:32 ACS0001-CE1 charon[2387]: 09[NET] <dmvpn-NHRPVPN-tun0|252> received packet: from 95.97.183.218[500] to 77.61.155.107[500] (108 bytes)
Apr 19 18:08:32 ACS0001-CE1 charon[2387]: 09[ENC] <dmvpn-NHRPVPN-tun0|252> parsed INFORMATIONAL_V1 request 3344365282 [ HASH N(DPD) ]
Apr 19 18:08:32 ACS0001-CE1 charon[2387]: 09[ENC] <dmvpn-NHRPVPN-tun0|252> generating INFORMATIONAL_V1 request 768817505 [ HASH N(DPD_ACK) ]
Apr 19 18:08:32 ACS0001-CE1 charon[2387]: 09[NET] <dmvpn-NHRPVPN-tun0|252> sending packet: from 77.61.155.107[500] to 95.97.183.218[500] (108 bytes)
Apr 19 18:08:34 ACS0001-CE1 opennhrp[13138]: NL-ARP(tun0) who-has 172.16.0.1
Apr 19 18:08:34 ACS0001-CE1 opennhrp[13138]: NL-ARP(tun0) 172.16.0.1 is-at 95.97.183.218
Apr 19 18:08:34 ACS0001-CE1 wan_lb[2773]: wan_lb: error on sending icmp packet: 101
Apr 19 18:08:37 ACS0001-CE1 charon[2387]: 08[NET] <dmvpn-NHRPVPN-tun0|252> received packet: from 95.97.183.218[500] to 77.61.155.107[500] (108 bytes)
Apr 19 18:08:37 ACS0001-CE1 charon[2387]: 08[ENC] <dmvpn-NHRPVPN-tun0|252> parsed INFORMATIONAL_V1 request 40525214 [ HASH N(DPD) ]
Apr 19 18:08:37 ACS0001-CE1 charon[2387]: 08[ENC] <dmvpn-NHRPVPN-tun0|252> generating INFORMATIONAL_V1 request 3579667129 [ HASH N(DPD_ACK) ]
Apr 19 18:08:37 ACS0001-CE1 charon[2387]: 08[NET] <dmvpn-NHRPVPN-tun0|252> sending packet: from 77.61.155.107[500] to 95.97.183.218[500] (108 bytes)
Apr 19 18:08:39 ACS0001-CE1 systemd[1]: serial-getty@ttyS0.service: Succeeded.
-- Subject: Unit succeeded
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- The unit serial-getty@ttyS0.service has successfully entered the 'dead' state.
Apr 19 18:08:40 ACS0001-CE1 systemd[1]: serial-getty@ttyS0.service: Service RestartSec=100ms expired, scheduling restart.
Apr 19 18:08:40 ACS0001-CE1 systemd[1]: serial-getty@ttyS0.service: Scheduled restart job, restart counter is at 66673.
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Automatic restarting of the unit serial-getty@ttyS0.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Apr 19 18:08:40 ACS0001-CE1 systemd[1]: Stopped Serial Getty on ttyS0.
-- Subject: A stop job for unit serial-getty@ttyS0.service has finished
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A stop job for unit serial-getty@ttyS0.service has finished.
--
-- The job identifier is 3469098 and the job result is done.
Apr 19 18:08:40 ACS0001-CE1 systemd[1]: Started Serial Getty on ttyS0.
-- Subject: A start job for unit serial-getty@ttyS0.service has finished successfully
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A start job for unit serial-getty@ttyS0.service has finished successfully.
--
-- The job identifier is 3469098.
Apr 19 18:08:40 ACS0001-CE1 agetty[16191]: /dev/ttyS0: not a tty
Apr 19 18:08:43 ACS0001-CE1 charon[2387]: 05[NET] <dmvpn-NHRPVPN-tun0|252> received packet: from 95.97.183.218[500] to 77.61.155.107[500] (108 bytes)
Apr 19 18:08:43 ACS0001-CE1 charon[2387]: 05[ENC] <dmvpn-NHRPVPN-tun0|252> parsed INFORMATIONAL_V1 request 570152600 [ HASH N(DPD) ]
Apr 19 18:08:43 ACS0001-CE1 charon[2387]: 05[ENC] <dmvpn-NHRPVPN-tun0|252> generating INFORMATIONAL_V1 request 3207549990 [ HASH N(DPD_ACK) ]
Apr 19 18:08:43 ACS0001-CE1 charon[2387]: 05[NET] <dmvpn-NHRPVPN-tun0|252> sending packet: from 77.61.155.107[500] to 95.97.183.218[500] (108 bytes)
Apr 19 18:08:45 ACS0001-CE1 wan_lb[2773]: wan_lb: error on sending icmp packet: 101
Apr 19 18:08:48 ACS0001-CE1 charon[2387]: 10[NET] <dmvpn-NHRPVPN-tun0|252> received packet: from 95.97.183.218[500] to 77.61.155.107[500] (108 bytes)
Apr 19 18:08:48 ACS0001-CE1 charon[2387]: 10[ENC] <dmvpn-NHRPVPN-tun0|252> parsed INFORMATIONAL_V1 request 3906108620 [ HASH N(DPD) ]
Apr 19 18:08:48 ACS0001-CE1 charon[2387]: 10[ENC] <dmvpn-NHRPVPN-tun0|252> generating INFORMATIONAL_V1 request 498543318 [ HASH N(DPD_ACK) ]
Apr 19 18:08:48 ACS0001-CE1 charon[2387]: 10[NET] <dmvpn-NHRPVPN-tun0|252> sending packet: from 77.61.155.107[500] to 95.97.183.218[500] (108 bytes)
Apr 19 18:08:50 ACS0001-CE1 systemd[1]: serial-getty@ttyS0.service: Succeeded.
-- Subject: Unit succeeded
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- The unit serial-getty@ttyS0.service has successfully entered the 'dead' state.
Apr 19 18:08:50 ACS0001-CE1 systemd[1]: serial-getty@ttyS0.service: Service RestartSec=100ms expired, scheduling restart.
Apr 19 18:08:50 ACS0001-CE1 systemd[1]: serial-getty@ttyS0.service: Scheduled restart job, restart counter is at 66674.
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Automatic restarting of the unit serial-getty@ttyS0.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Apr 19 18:08:50 ACS0001-CE1 systemd[1]: Stopped Serial Getty on ttyS0.
-- Subject: A stop job for unit serial-getty@ttyS0.service has finished
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A stop job for unit serial-getty@ttyS0.service has finished.
--
-- The job identifier is 3469150 and the job result is done.
Apr 19 18:08:50 ACS0001-CE1 systemd[1]: Started Serial Getty on ttyS0.
-- Subject: A start job for unit serial-getty@ttyS0.service has finished successfully
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A start job for unit serial-getty@ttyS0.service has finished successfully.
--
-- The job identifier is 3469150.
Apr 19 18:08:50 ACS0001-CE1 agetty[16196]: /dev/ttyS0: not a tty
Apr 19 18:08:53 ACS0001-CE1 charon[2387]: 09[NET] <dmvpn-NHRPVPN-tun0|252> received packet: from 95.97.183.218[500] to 77.61.155.107[500] (108 bytes)
Apr 19 18:08:53 ACS0001-CE1 charon[2387]: 09[ENC] <dmvpn-NHRPVPN-tun0|252> parsed INFORMATIONAL_V1 request 1279796766 [ HASH N(DPD) ]
Apr 19 18:08:53 ACS0001-CE1 charon[2387]: 09[ENC] <dmvpn-NHRPVPN-tun0|252> generating INFORMATIONAL_V1 request 1694090611 [ HASH N(DPD_ACK) ]
Apr 19 18:08:53 ACS0001-CE1 charon[2387]: 09[NET] <dmvpn-NHRPVPN-tun0|252> sending packet: from 77.61.155.107[500] to 95.97.183.218[500] (108 bytes)
Apr 19 18:08:55 ACS0001-CE1 wan_lb[2773]: wan_lb: error on sending icmp packet: 101
Apr 19 18:08:58 ACS0001-CE1 charon[2387]: 08[NET] <dmvpn-NHRPVPN-tun0|252> received packet: from 95.97.183.218[500] to 77.61.155.107[500] (108 bytes)
Apr 19 18:08:58 ACS0001-CE1 charon[2387]: 08[ENC] <dmvpn-NHRPVPN-tun0|252> parsed INFORMATIONAL_V1 request 1197202618 [ HASH N(DPD) ]
Apr 19 18:08:58 ACS0001-CE1 charon[2387]: 08[ENC] <dmvpn-NHRPVPN-tun0|252> generating INFORMATIONAL_V1 request 1438096515 [ HASH N(DPD_ACK) ]
Apr 19 18:08:58 ACS0001-CE1 charon[2387]: 08[NET] <dmvpn-NHRPVPN-tun0|252> sending packet: from 77.61.155.107[500] to 95.97.183.218[500] (108 bytes)
Apr 19 18:09:00 ACS0001-CE1 systemd[1]: serial-getty@ttyS0.service: Succeeded.
-- Subject: Unit succeeded
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- The unit serial-getty@ttyS0.service has successfully entered the 'dead' state.
Apr 19 18:09:00 ACS0001-CE1 systemd[1]: serial-getty@ttyS0.service: Service RestartSec=100ms expired, scheduling restart.
Apr 19 18:09:00 ACS0001-CE1 systemd[1]: serial-getty@ttyS0.service: Scheduled restart job, restart counter is at 66675.
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Automatic restarting of the unit serial-getty@ttyS0.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Apr 19 18:09:00 ACS0001-CE1 systemd[1]: Stopped Serial Getty on ttyS0.
-- Subject: A stop job for unit serial-getty@ttyS0.service has finished
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A stop job for unit serial-getty@ttyS0.service has finished.
--
-- The job identifier is 3469202 and the job result is done.
Apr 19 18:09:00 ACS0001-CE1 systemd[1]: Started Serial Getty on ttyS0.
-- Subject: A start job for unit serial-getty@ttyS0.service has finished successfully
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A start job for unit serial-getty@ttyS0.service has finished successfully.
--
-- The job identifier is 3469202.
Apr 19 18:09:00 ACS0001-CE1 agetty[16206]: /dev/ttyS0: not a tty
Apr 19 18:09:03 ACS0001-CE1 charon[2387]: 05[NET] <dmvpn-NHRPVPN-tun0|252> received packet: from 95.97.183.218[500] to 77.61.155.107[500] (108 bytes)
Apr 19 18:09:03 ACS0001-CE1 charon[2387]: 05[ENC] <dmvpn-NHRPVPN-tun0|252> parsed INFORMATIONAL_V1 request 3656949932 [ HASH N(DPD) ]
Apr 19 18:09:03 ACS0001-CE1 charon[2387]: 05[ENC] <dmvpn-NHRPVPN-tun0|252> generating INFORMATIONAL_V1 request 2437583151 [ HASH N(DPD_ACK) ]
Apr 19 18:09:03 ACS0001-CE1 charon[2387]: 05[NET] <dmvpn-NHRPVPN-tun0|252> sending packet: from 77.61.155.107[500] to 95.97.183.218[500] (108 bytes)
Apr 19 18:09:04 ACS0001-CE1 wan_lb[2773]: wan_lb: error on sending icmp packet: 101
Apr 19 18:09:07 ACS0001-CE1 charon[2387]: 10[NET] <dmvpn-NHRPVPN-tun0|252> received packet: from 95.97.183.218[500] to 77.61.155.107[500] (108 bytes)
Apr 19 18:09:07 ACS0001-CE1 charon[2387]: 10[ENC] <dmvpn-NHRPVPN-tun0|252> parsed INFORMATIONAL_V1 request 3175289235 [ HASH N(DPD) ]
Apr 19 18:09:07 ACS0001-CE1 charon[2387]: 10[ENC] <dmvpn-NHRPVPN-tun0|252> generating INFORMATIONAL_V1 request 1860392016 [ HASH N(DPD_ACK) ]
Apr 19 18:09:07 ACS0001-CE1 charon[2387]: 10[NET] <dmvpn-NHRPVPN-tun0|252> sending packet: from 77.61.155.107[500] to 95.97.183.218[500] (108 bytes)
Journal
SPOKE
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Automatic restarting of the unit serial-getty@ttyS0.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Apr 19 17:59:43 AC-DC1-PE1 systemd[1]: Stopped Serial Getty on ttyS0.
-- Subject: A stop job for unit serial-getty@ttyS0.service has finished
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A stop job for unit serial-getty@ttyS0.service has finished.
--
-- The job identifier is 26275939 and the job result is done.
Apr 19 17:59:43 AC-DC1-PE1 systemd[1]: Started Serial Getty on ttyS0.
-- Subject: A start job for unit serial-getty@ttyS0.service has finished successfully
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A start job for unit serial-getty@ttyS0.service has finished successfully.
--
-- The job identifier is 26275939.
Apr 19 17:59:43 AC-DC1-PE1 agetty[13040]: /dev/ttyS0: not a tty
Apr 19 17:59:44 AC-DC1-PE1 sshd[13041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.171.235 user=root
Apr 19 17:59:44 AC-DC1-PE1 charon[1568]: 09[IKE] <dmvpn-NHRPVPN-tun0|4766> sending DPD request
Apr 19 17:59:44 AC-DC1-PE1 charon[1568]: 09[ENC] <dmvpn-NHRPVPN-tun0|4766> generating INFORMATIONAL_V1 request 3253999466 [ HASH N(DPD) ]
Apr 19 17:59:44 AC-DC1-PE1 charon[1568]: 09[NET] <dmvpn-NHRPVPN-tun0|4766> sending packet: from 95.97.183.218[500] to 92.64.242.145[500] (108 bytes)
Apr 19 17:59:44 AC-DC1-PE1 charon[1568]: 11[NET] <dmvpn-NHRPVPN-tun0|4766> received packet: from 92.64.242.145[500] to 95.97.183.218[500] (108 bytes)
Apr 19 17:59:44 AC-DC1-PE1 charon[1568]: 11[ENC] <dmvpn-NHRPVPN-tun0|4766> parsed INFORMATIONAL_V1 request 1779280963 [ HASH N(DPD_ACK) ]
Apr 19 17:59:45 AC-DC1-PE1 sshd[13041]: Failed password for root from 46.101.171.235 port 35716 ssh2
Apr 19 17:59:47 AC-DC1-PE1 sshd[13041]: Received disconnect from 46.101.171.235 port 35716:11: Bye Bye [preauth]
Apr 19 17:59:47 AC-DC1-PE1 sshd[13041]: Disconnected from authenticating user root 46.101.171.235 port 35716 [preauth]
Apr 19 17:59:49 AC-DC1-PE1 charon[1568]: 06[IKE] <dmvpn-NHRPVPN-tun0|4766> sending DPD request
Apr 19 17:59:49 AC-DC1-PE1 charon[1568]: 06[ENC] <dmvpn-NHRPVPN-tun0|4766> generating INFORMATIONAL_V1 request 1406497235 [ HASH N(DPD) ]
Apr 19 17:59:49 AC-DC1-PE1 charon[1568]: 06[NET] <dmvpn-NHRPVPN-tun0|4766> sending packet: from 95.97.183.218[500] to 92.64.242.145[500] (108 bytes)
Apr 19 17:59:49 AC-DC1-PE1 charon[1568]: 13[NET] <dmvpn-NHRPVPN-tun0|4766> received packet: from 92.64.242.145[500] to 95.97.183.218[500] (108 bytes)
Apr 19 17:59:49 AC-DC1-PE1 charon[1568]: 13[ENC] <dmvpn-NHRPVPN-tun0|4766> parsed INFORMATIONAL_V1 request 3251854553 [ HASH N(DPD_ACK) ]
Apr 19 17:59:49 AC-DC1-PE1 charon[1568]: 15[IKE] <dmvpn-NHRPVPN-tun0|4767> sending DPD request
Apr 19 17:59:49 AC-DC1-PE1 charon[1568]: 15[ENC] <dmvpn-NHRPVPN-tun0|4767> generating INFORMATIONAL_V1 request 90234462 [ HASH N(DPD) ]
Apr 19 17:59:49 AC-DC1-PE1 charon[1568]: 15[NET] <dmvpn-NHRPVPN-tun0|4767> sending packet: from 95.97.183.218[500] to 77.61.155.107[500] (108 bytes)
Apr 19 17:59:49 AC-DC1-PE1 charon[1568]: 09[NET] <dmvpn-NHRPVPN-tun0|4767> received packet: from 77.61.155.107[500] to 95.97.183.218[500] (108 bytes)
Apr 19 17:59:49 AC-DC1-PE1 charon[1568]: 09[ENC] <dmvpn-NHRPVPN-tun0|4767> parsed INFORMATIONAL_V1 request 1071544713 [ HASH N(DPD_ACK) ]
Apr 19 17:59:50 AC-DC1-PE1 opennhrp[28461]: Received Registration Request from proto src 172.16.0.27 to 172.16.0.1
Apr 19 17:59:50 AC-DC1-PE1 opennhrp[13046]: Received peer registration request: 95.97.183.218 92.64.242.145
Apr 19 17:59:50 AC-DC1-PE1 opennhrp[28461]: [172.16.0.27] Peer registration authorized
Apr 19 17:59:50 AC-DC1-PE1 opennhrp[28461]: Removing dynamic 172.16.0.27/32 nbma 92.64.242.145 dev tun0 up expires_in 0:18
Apr 19 17:59:50 AC-DC1-PE1 opennhrp[28461]: Adding dynamic 172.16.0.27/32 nbma 92.64.242.145 dev tun0 up expires_in 0:29
Apr 19 17:59:50 AC-DC1-PE1 opennhrp[28461]: [172.16.0.27] Peer up script: success
Apr 19 17:59:50 AC-DC1-PE1 opennhrp[28461]: NL-ARP(tun0) 172.16.0.27 is-at 92.64.242.145
Apr 19 17:59:50 AC-DC1-PE1 opennhrp[28461]: [172.16.0.27] Peer inserted to multicast list
Apr 19 17:59:50 AC-DC1-PE1 opennhrp[28461]: Sending Registration Reply from proto src 172.16.0.1 to 172.16.0.27 (1 bindings accepted, 0 rejected)
Apr 19 17:59:50 AC-DC1-PE1 opennhrp[28461]: Sending packet 4, from: 172.16.0.27 (nbma 92.64.242.145), to: 172.16.0.1 (nbma 92.64.242.145)
Apr 19 17:59:53 AC-DC1-PE1 charon[1568]: 16[NET] <dmvpn-NHRPVPN-tun0|4765> received packet: from 84.35.67.198[4500] to 95.97.183.218[4500] (108 bytes)
Apr 19 17:59:53 AC-DC1-PE1 charon[1568]: 16[ENC] <dmvpn-NHRPVPN-tun0|4765> parsed INFORMATIONAL_V1 request 2984408091 [ HASH N(DPD) ]
Apr 19 17:59:53 AC-DC1-PE1 charon[1568]: 16[ENC] <dmvpn-NHRPVPN-tun0|4765> generating INFORMATIONAL_V1 request 2686014220 [ HASH N(DPD_ACK) ]
Apr 19 17:59:53 AC-DC1-PE1 charon[1568]: 16[NET] <dmvpn-NHRPVPN-tun0|4765> sending packet: from 95.97.183.218[4500] to 84.35.67.198[4500] (108 bytes)
Apr 19 17:59:53 AC-DC1-PE1 opennhrp[28461]: Received Registration Request from proto src 172.16.0.29 to 172.16.0.1
Apr 19 17:59:53 AC-DC1-PE1 opennhrp[13052]: Received peer registration request: 95.97.183.218 84.35.67.198
Apr 19 17:59:53 AC-DC1-PE1 opennhrp[28461]: [172.16.0.29] Peer registration authorized
Apr 19 17:59:53 AC-DC1-PE1 opennhrp[28461]: Removing dynamic 172.16.0.29/32 nbma 84.35.67.198 nbma-nat-oa 192.168.16.100 dev tun0 up expires_in 0:18
Apr 19 17:59:53 AC-DC1-PE1 opennhrp[28461]: Adding dynamic 172.16.0.29/32 nbma 84.35.67.198 nbma-nat-oa 192.168.16.100 dev tun0 up expires_in 0:29
Apr 19 17:59:53 AC-DC1-PE1 opennhrp[28461]: [172.16.0.29] Peer up script: success
Apr 19 17:59:53 AC-DC1-PE1 opennhrp[28461]: NL-ARP(tun0) 172.16.0.29 is-at 84.35.67.198
Apr 19 17:59:53 AC-DC1-PE1 opennhrp[28461]: [172.16.0.29] Peer inserted to multicast list
Apr 19 17:59:53 AC-DC1-PE1 opennhrp[28461]: Sending Registration Reply from proto src 172.16.0.1 to 172.16.0.29 (1 bindings accepted, 0 rejected)
Apr 19 17:59:53 AC-DC1-PE1 opennhrp[28461]: Sending packet 4, from: 172.16.0.29 (nbma 192.168.16.100), to: 172.16.0.1 (nbma 84.35.67.198)
Apr 19 17:59:53 AC-DC1-PE1 systemd[1]: serial-getty@ttyS0.service: Succeeded.
-- Subject: Unit succeeded
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- The unit serial-getty@ttyS0.service has successfully entered the 'dead' state.
Apr 19 17:59:53 AC-DC1-PE1 systemd[1]: serial-getty@ttyS0.service: Service RestartSec=100ms expired, scheduling restart.
Apr 19 17:59:53 AC-DC1-PE1 systemd[1]: serial-getty@ttyS0.service: Scheduled restart job, restart counter is at 505163.
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Automatic restarting of the unit serial-getty@ttyS0.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Apr 19 17:59:53 AC-DC1-PE1 systemd[1]: Stopped Serial Getty on ttyS0.
-- Subject: A stop job for unit serial-getty@ttyS0.service has finished
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A stop job for unit serial-getty@ttyS0.service has finished.
--
-- The job identifier is 26275991 and the job result is done.
Apr 19 17:59:53 AC-DC1-PE1 systemd[1]: Started Serial Getty on ttyS0.
-- Subject: A start job for unit serial-getty@ttyS0.service has finished successfully
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A start job for unit serial-getty@ttyS0.service has finished successfully.
--
-- The job identifier is 26275991.
Apr 19 17:59:53 AC-DC1-PE1 agetty[13055]: /dev/ttyS0: not a tty
Apr 19 17:59:54 AC-DC1-PE1 charon[1568]: 13[IKE] <dmvpn-NHRPVPN-tun0|4766> sending DPD request
Apr 19 17:59:54 AC-DC1-PE1 charon[1568]: 13[ENC] <dmvpn-NHRPVPN-tun0|4766> generating INFORMATIONAL_V1 request 1764575640 [ HASH N(DPD) ]
Apr 19 17:59:54 AC-DC1-PE1 charon[1568]: 13[NET] <dmvpn-NHRPVPN-tun0|4766> sending packet: from 95.97.183.218[500] to 92.64.242.145[500] (108 bytes)
Apr 19 17:59:54 AC-DC1-PE1 charon[1568]: 15[NET] <dmvpn-NHRPVPN-tun0|4766> received packet: from 92.64.242.145[500] to 95.97.183.218[500] (108 bytes)
Apr 19 17:59:54 AC-DC1-PE1 charon[1568]: 15[ENC] <dmvpn-NHRPVPN-tun0|4766> parsed INFORMATIONAL_V1 request 98424672 [ HASH N(DPD_ACK) ]
Apr 19 17:59:54 AC-DC1-PE1 charon[1568]: 09[IKE] <dmvpn-NHRPVPN-tun0|4767> sending DPD request
Apr 19 17:59:54 AC-DC1-PE1 charon[1568]: 09[ENC] <dmvpn-NHRPVPN-tun0|4767> generating INFORMATIONAL_V1 request 2182168095 [ HASH N(DPD) ]
Apr 19 17:59:54 AC-DC1-PE1 charon[1568]: 09[NET] <dmvpn-NHRPVPN-tun0|4767> sending packet: from 95.97.183.218[500] to 77.61.155.107[500] (108 bytes)
Apr 19 17:59:54 AC-DC1-PE1 charon[1568]: 11[NET] <dmvpn-NHRPVPN-tun0|4767> received packet: from 77.61.155.107[500] to 95.97.183.218[500] (108 bytes)
Apr 19 17:59:54 AC-DC1-PE1 charon[1568]: 11[ENC] <dmvpn-NHRPVPN-tun0|4767> parsed INFORMATIONAL_V1 request 4130094835 [ HASH N(DPD_ACK) ]
Apr 19 17:59:54 AC-DC1-PE1 sshd[13047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.239.86.48 user=root
Apr 19 17:59:56 AC-DC1-PE1 charon[1568]: 08[NET] <dmvpn-NHRPVPN-tun0|4765> received packet: from 84.35.67.198[4500] to 95.97.183.218[4500] (108 bytes)
Apr 19 17:59:56 AC-DC1-PE1 charon[1568]: 08[ENC] <dmvpn-NHRPVPN-tun0|4765> parsed INFORMATIONAL_V1 request 3043899820 [ HASH N(DPD) ]
Apr 19 17:59:56 AC-DC1-PE1 charon[1568]: 08[ENC] <dmvpn-NHRPVPN-tun0|4765> generating INFORMATIONAL_V1 request 1852050425 [ HASH N(DPD_ACK) ]
Apr 19 17:59:56 AC-DC1-PE1 charon[1568]: 08[NET] <dmvpn-NHRPVPN-tun0|4765> sending packet: from 95.97.183.218[4500] to 84.35.67.198[4500] (108 bytes)
Apr 19 17:59:57 AC-DC1-PE1 sshd[13047]: Failed password for root from 170.239.86.48 port 52812 ssh2
Apr 19 17:59:58 AC-DC1-PE1 sshd[13047]: Received disconnect from 170.239.86.48 port 52812:11: Bye Bye [preauth]
Apr 19 17:59:58 AC-DC1-PE1 sshd[13047]: Disconnected from authenticating user root 170.239.86.48 port 52812 [preauth]
Apr 19 17:59:58 AC-DC1-PE1 charon[1568]: 06[IKE] <dmvpn-NHRPVPN-tun0|4765> sending DPD request
Apr 19 17:59:58 AC-DC1-PE1 charon[1568]: 06[ENC] <dmvpn-NHRPVPN-tun0|4765> generating INFORMATIONAL_V1 request 975453091 [ HASH N(DPD) ]
Apr 19 17:59:58 AC-DC1-PE1 charon[1568]: 06[NET] <dmvpn-NHRPVPN-tun0|4765> sending packet: from 95.97.183.218[4500] to 84.35.67.198[4500] (108 bytes)
Apr 19 17:59:58 AC-DC1-PE1 charon[1568]: 13[NET] <dmvpn-NHRPVPN-tun0|4765> received packet: from 84.35.67.198[4500] to 95.97.183.218[4500] (108 bytes)
Apr 19 17:59:58 AC-DC1-PE1 charon[1568]: 13[ENC] <dmvpn-NHRPVPN-tun0|4765> parsed INFORMATIONAL_V1 request 678874015 [ HASH N(DPD_ACK) ]
Apr 19 17:59:59 AC-DC1-PE1 charon[1568]: 15[IKE] <dmvpn-NHRPVPN-tun0|4767> sending DPD request
Apr 19 17:59:59 AC-DC1-PE1 charon[1568]: 15[ENC] <dmvpn-NHRPVPN-tun0|4767> generating INFORMATIONAL_V1 request 1766300728 [ HASH N(DPD) ]
Apr 19 17:59:59 AC-DC1-PE1 charon[1568]: 15[NET] <dmvpn-NHRPVPN-tun0|4767> sending packet: from 95.97.183.218[500] to 77.61.155.107[500] (108 bytes)
Apr 19 17:59:59 AC-DC1-PE1 charon[1568]: 09[NET] <dmvpn-NHRPVPN-tun0|4767> received packet: from 77.61.155.107[500] to 95.97.183.218[500] (108 bytes)
Apr 19 17:59:59 AC-DC1-PE1 charon[1568]: 09[ENC] <dmvpn-NHRPVPN-tun0|4767> parsed INFORMATIONAL_V1 request 1523427108 [ HASH N(DPD_ACK) ]
Apr 19 18:00:01 AC-DC1-PE1 charon[1568]: 08[NET] <dmvpn-NHRPVPN-tun0|4765> received packet: from 84.35.67.198[4500] to 95.97.183.218[4500] (108 bytes)
Apr 19 18:00:01 AC-DC1-PE1 charon[1568]: 08[ENC] <dmvpn-NHRPVPN-tun0|4765> parsed INFORMATIONAL_V1 request 1061224835 [ HASH N(DPD) ]
Apr 19 18:00:01 AC-DC1-PE1 charon[1568]: 08[ENC] <dmvpn-NHRPVPN-tun0|4765> generating INFORMATIONAL_V1 request 1896145382 [ HASH N(DPD_ACK) ]
Apr 19 18:00:01 AC-DC1-PE1 charon[1568]: 08[NET] <dmvpn-NHRPVPN-tun0|4765> sending packet: from 95.97.183.218[4500] to 84.35.67.198[4500] (108 bytes)
Apr 19 18:00:01 AC-DC1-PE1 sshd[13056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.154.105.79 user=root
Apr 19 18:00:01 AC-DC1-PE1 opennhrp[28461]: Received Registration Request from proto src 172.16.0.27 to 172.16.0.1
Apr 19 18:00:01 AC-DC1-PE1 opennhrp[13061]: Received peer registration request: 95.97.183.218 92.64.242.145
Apr 19 18:00:01 AC-DC1-PE1 opennhrp[28461]: [172.16.0.27] Peer registration authorized
Apr 19 18:00:01 AC-DC1-PE1 opennhrp[28461]: Removing dynamic 172.16.0.27/32 nbma 92.64.242.145 dev tun0 up expires_in 0:18
Apr 19 18:00:01 AC-DC1-PE1 opennhrp[28461]: Adding dynamic 172.16.0.27/32 nbma 92.64.242.145 dev tun0 up expires_in 0:29
Apr 19 18:00:01 AC-DC1-PE1 opennhrp[28461]: [172.16.0.27] Peer up script: success
Apr 19 18:00:01 AC-DC1-PE1 opennhrp[28461]: NL-ARP(tun0) 172.16.0.27 is-at 92.64.242.145
Apr 19 18:00:01 AC-DC1-PE1 opennhrp[28461]: [172.16.0.27] Peer inserted to multicast list
Apr 19 18:00:01 AC-DC1-PE1 opennhrp[28461]: Sending Registration Reply from proto src 172.16.0.1 to 172.16.0.27 (1 bindings accepted, 0 rejected)
Apr 19 18:00:01 AC-DC1-PE1 opennhrp[28461]: Sending packet 4, from: 172.16.0.27 (nbma 92.64.242.145), to: 172.16.0.1 (nbma 92.64.242.145)
Apr 19 18:00:02 AC-DC1-PE1 CRON[13062]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Apr 19 18:00:02 AC-DC1-PE1 CRON[13063]: (smmsp) CMD (test -x /etc/init.d/sendmail && test -x /usr/share/sendmail/sendmail && test -x /usr/lib/sm.bin/sendmail && /us
Apr 19 18:00:02 AC-DC1-PE1 CRON[13062]: pam_unix(cron:session): session closed for user smmsp
Apr 19 18:00:03 AC-DC1-PE1 sshd[13056]: Failed password for root from 43.154.105.79 port 50950 ssh2
Apr 19 18:00:03 AC-DC1-PE1 systemd[1]: serial-getty@ttyS0.service: Succeeded.
-- Subject: Unit succeeded
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- The unit serial-getty@ttyS0.service has successfully entered the 'dead' state.
Apr 19 18:00:03 AC-DC1-PE1 charon[1568]: 16[IKE] <dmvpn-NHRPVPN-tun0|4765> sending DPD request
Apr 19 18:00:03 AC-DC1-PE1 charon[1568]: 16[ENC] <dmvpn-NHRPVPN-tun0|4765> generating INFORMATIONAL_V1 request 1473879053 [ HASH N(DPD) ]
Apr 19 18:00:03 AC-DC1-PE1 charon[1568]: 16[NET] <dmvpn-NHRPVPN-tun0|4765> sending packet: from 95.97.183.218[4500] to 84.35.67.198[4500] (108 bytes)
Apr 19 18:00:03 AC-DC1-PE1 charon[1568]: 06[NET] <dmvpn-NHRPVPN-tun0|4765> received packet: from 84.35.67.198[4500] to 95.97.183.218[4500] (108 bytes)
Apr 19 18:00:03 AC-DC1-PE1 charon[1568]: 06[ENC] <dmvpn-NHRPVPN-tun0|4765> parsed INFORMATIONAL_V1 request 2866002464 [ HASH N(DPD_ACK) ]
Apr 19 18:00:04 AC-DC1-PE1 systemd[1]: serial-getty@ttyS0.service: Service RestartSec=100ms expired, scheduling restart.
Apr 19 18:00:04 AC-DC1-PE1 systemd[1]: serial-getty@ttyS0.service: Scheduled restart job, restart counter is at 505164.
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Automatic restarting of the unit serial-getty@ttyS0.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Apr 19 18:00:04 AC-DC1-PE1 systemd[1]: Stopped Serial Getty on ttyS0.
-- Subject: A stop job for unit serial-getty@ttyS0.service has finished
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A stop job for unit serial-getty@ttyS0.service has finished.
--
-- The job identifier is 26276043 and the job result is done.
Apr 19 18:00:04 AC-DC1-PE1 systemd[1]: Started Serial Getty on ttyS0.
-- Subject: A start job for unit serial-getty@ttyS0.service has finished successfully
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A start job for unit serial-getty@ttyS0.service has finished successfully.
--
-- The job identifier is 26276043.
Apr 19 18:00:04 AC-DC1-PE1 agetty[13068]: /dev/ttyS0: not a tty
Apr 19 18:00:04 AC-DC1-PE1 charon[1568]: 13[IKE] <dmvpn-NHRPVPN-tun0|4767> sending DPD request
Apr 19 18:00:04 AC-DC1-PE1 charon[1568]: 13[ENC] <dmvpn-NHRPVPN-tun0|4767> generating INFORMATIONAL_V1 request 1683011308 [ HASH N(DPD) ]
Apr 19 18:00:04 AC-DC1-PE1 charon[1568]: 13[NET] <dmvpn-NHRPVPN-tun0|4767> sending packet: from 95.97.183.218[500] to 77.61.155.107[500] (108 bytes)
Apr 19 18:00:04 AC-DC1-PE1 charon[1568]: 15[NET] <dmvpn-NHRPVPN-tun0|4767> received packet: from 77.61.155.107[500] to 95.97.183.218[500] (108 bytes)
Apr 19 18:00:04 AC-DC1-PE1 charon[1568]: 15[ENC] <dmvpn-NHRPVPN-tun0|4767> parsed INFORMATIONAL_V1 request 3836486837 [ HASH N(DPD_ACK) ]
Apr 19 18:00:04 AC-DC1-PE1 opennhrp[28461]: Received Registration Request from proto src 172.16.0.29 to 172.16.0.1
Apr 19 18:00:04 AC-DC1-PE1 opennhrp[13072]: Received peer registration request: 95.97.183.218 84.35.67.198
Apr 19 18:00:04 AC-DC1-PE1 opennhrp[28461]: [172.16.0.29] Peer registration authorized
Apr 19 18:00:04 AC-DC1-PE1 opennhrp[28461]: Removing dynamic 172.16.0.29/32 nbma 84.35.67.198 nbma-nat-oa 192.168.16.100 dev tun0 up expires_in 0:18
Apr 19 18:00:04 AC-DC1-PE1 opennhrp[28461]: Adding dynamic 172.16.0.29/32 nbma 84.35.67.198 nbma-nat-oa 192.168.16.100 dev tun0 up expires_in 0:29
Apr 19 18:00:04 AC-DC1-PE1 opennhrp[28461]: [172.16.0.29] Peer up script: success
Apr 19 18:00:04 AC-DC1-PE1 opennhrp[28461]: NL-ARP(tun0) 172.16.0.29 is-at 84.35.67.198
Apr 19 18:00:04 AC-DC1-PE1 opennhrp[28461]: [172.16.0.29] Peer inserted to multicast list
Apr 19 18:00:04 AC-DC1-PE1 opennhrp[28461]: Sending Registration Reply from proto src 172.16.0.1 to 172.16.0.29 (1 bindings accepted, 0 rejected)
Apr 19 18:00:04 AC-DC1-PE1 opennhrp[28461]: Sending packet 4, from: 172.16.0.29 (nbma 192.168.16.100), to: 172.16.0.1 (nbma 84.35.67.198)
Apr 19 18:00:05 AC-DC1-PE1 sshd[13056]: Received disconnect from 43.154.105.79 port 50950:11: Bye Bye [preauth]
Apr 19 18:00:05 AC-DC1-PE1 sshd[13056]: Disconnected from authenticating user root 43.154.105.79 port 50950 [preauth]
Apr 19 18:00:05 AC-DC1-PE1 charon[1568]: 09[IKE] <dmvpn-NHRPVPN-tun0|4766> sending DPD request
Apr 19 18:00:05 AC-DC1-PE1 charon[1568]: 09[ENC] <dmvpn-NHRPVPN-tun0|4766> generating INFORMATIONAL_V1 request 3306882267 [ HASH N(DPD) ]
Apr 19 18:00:05 AC-DC1-PE1 charon[1568]: 09[NET] <dmvpn-NHRPVPN-tun0|4766> sending packet: from 95.97.183.218[500] to 92.64.242.145[500] (108 bytes)
Apr 19 18:00:05 AC-DC1-PE1 charon[1568]: 11[NET] <dmvpn-NHRPVPN-tun0|4766> received packet: from 92.64.242.145[500] to 95.97.183.218[500] (108 bytes)
Apr 19 18:00:05 AC-DC1-PE1 charon[1568]: 11[ENC] <dmvpn-NHRPVPN-tun0|4766> parsed INFORMATIONAL_V1 request 2491990323 [ HASH N(DPD_ACK) ]
Apr 19 18:00:07 AC-DC1-PE1 charon[1568]: 07[NET] <dmvpn-NHRPVPN-tun0|4765> received packet: from 84.35.67.198[4500] to 95.97.183.218[4500] (108 bytes)
Apr 19 18:00:07 AC-DC1-PE1 charon[1568]: 07[ENC] <dmvpn-NHRPVPN-tun0|4765> parsed INFORMATIONAL_V1 request 666933636 [ HASH N(DPD) ]
Apr 19 18:00:07 AC-DC1-PE1 charon[1568]: 07[ENC] <dmvpn-NHRPVPN-tun0|4765> generating INFORMATIONAL_V1 request 807960188 [ HASH N(DPD_ACK) ]
Apr 19 18:00:07 AC-DC1-PE1 charon[1568]: 07[NET] <dmvpn-NHRPVPN-tun0|4765> sending packet: from 95.97.183.218[4500] to 84.35.67.198[4500] (108 bytes)
Apr 19 18:00:08 AC-DC1-PE1 snmpd[1931]: Authentication failed for antech
Apr 19 18:00:10 AC-DC1-PE1 charon[1568]: 06[NET] <dmvpn-NHRPVPN-tun0|4765> received packet: from 84.35.67.198[4500] to 95.97.183.218[4500] (108 bytes)
Apr 19 18:00:10 AC-DC1-PE1 charon[1568]: 06[ENC] <dmvpn-NHRPVPN-tun0|4765> parsed INFORMATIONAL_V1 request 919258518 [ HASH N(DPD) ]
Apr 19 18:00:10 AC-DC1-PE1 charon[1568]: 06[ENC] <dmvpn-NHRPVPN-tun0|4765> generating INFORMATIONAL_V1 request 3647819287 [ HASH N(DPD_ACK) ]
Apr 19 18:00:10 AC-DC1-PE1 charon[1568]: 06[NET] <dmvpn-NHRPVPN-tun0|4765> sending packet: from 95.97.183.218[4500] to 84.35.67.198[4500] (108 bytes)
Apr 19 18:00:10 AC-DC1-PE1 charon[1568]: 09[IKE] <dmvpn-NHRPVPN-tun0|4767> sending DPD request
Apr 19 18:00:10 AC-DC1-PE1 charon[1568]: 09[ENC] <dmvpn-NHRPVPN-tun0|4767> generating INFORMATIONAL_V1 request 1887486949 [ HASH N(DPD) ]
Apr 19 18:00:10 AC-DC1-PE1 charon[1568]: 09[NET] <dmvpn-NHRPVPN-tun0|4767> sending packet: from 95.97.183.218[500] to 77.61.155.107[500] (108 bytes)
Apr 19 18:00:10 AC-DC1-PE1 charon[1568]: 11[NET] <dmvpn-NHRPVPN-tun0|4767> received packet: from 77.61.155.107[500] to 95.97.183.218[500] (108 bytes)
Apr 19 18:00:10 AC-DC1-PE1 charon[1568]: 11[ENC] <dmvpn-NHRPVPN-tun0|4767> parsed INFORMATIONAL_V1 request 2020283506 [ HASH N(DPD_ACK) ]
Apr 19 18:00:12 AC-DC1-PE1 charon[1568]: 07[IKE] <dmvpn-NHRPVPN-tun0|4766> sending DPD request
Apr 19 18:00:12 AC-DC1-PE1 charon[1568]: 07[ENC] <dmvpn-NHRPVPN-tun0|4766> generating INFORMATIONAL_V1 request 523823903 [ HASH N(DPD) ]
Apr 19 18:00:12 AC-DC1-PE1 charon[1568]: 07[NET] <dmvpn-NHRPVPN-tun0|4766> sending packet: from 95.97.183.218[500] to 92.64.242.145[500] (108 bytes)
Apr 19 18:00:12 AC-DC1-PE1 charon[1568]: 12[NET] <dmvpn-NHRPVPN-tun0|4766> received packet: from 92.64.242.145[500] to 95.97.183.218[500] (108 bytes)
Apr 19 18:00:12 AC-DC1-PE1 charon[1568]: 12[ENC] <dmvpn-NHRPVPN-tun0|4766> parsed INFORMATIONAL_V1 request 226006150 [ HASH N(DPD_ACK) ]
Apr 19 18:00:12 AC-DC1-PE1 opennhrp[28461]: Received Registration Request from proto src 172.16.0.27 to 172.16.0.1
Apr 19 18:00:12 AC-DC1-PE1 opennhrp[13076]: Received peer registration request: 95.97.183.218 92.64.242.145
Apr 19 18:00:12 AC-DC1-PE1 opennhrp[28461]: [172.16.0.27] Peer registration authorized
Apr 19 18:00:12 AC-DC1-PE1 opennhrp[28461]: Removing dynamic 172.16.0.27/32 nbma 92.64.242.145 dev tun0 up expires_in 0:18
Apr 19 18:00:12 AC-DC1-PE1 opennhrp[28461]: Adding dynamic 172.16.0.27/32 nbma 92.64.242.145 dev tun0 up expires_in 0:29
Apr 19 18:00:12 AC-DC1-PE1 opennhrp[28461]: [172.16.0.27] Peer up script: success
Apr 19 18:00:12 AC-DC1-PE1 opennhrp[28461]: NL-ARP(tun0) 172.16.0.27 is-at 92.64.242.145
Apr 19 18:00:12 AC-DC1-PE1 opennhrp[28461]: [172.16.0.27] Peer inserted to multicast list
Apr 19 18:00:12 AC-DC1-PE1 opennhrp[28461]: Sending Registration Reply from proto src 172.16.0.1 to 172.16.0.27 (1 bindings accepted, 0 rejected)
Apr 19 18:00:12 AC-DC1-PE1 opennhrp[28461]: Sending packet 4, from: 172.16.0.27 (nbma 92.64.242.145), to: 172.16.0.1 (nbma 92.64.242.145)
Apr 19 18:00:12 AC-DC1-PE1 charon[1568]: 14[IKE] <dmvpn-NHRPVPN-tun0|4765> sending DPD request
Apr 19 18:00:12 AC-DC1-PE1 charon[1568]: 14[ENC] <dmvpn-NHRPVPN-tun0|4765> generating INFORMATIONAL_V1 request 246932399 [ HASH N(DPD) ]
Apr 19 18:00:12 AC-DC1-PE1 charon[1568]: 14[NET] <dmvpn-NHRPVPN-tun0|4765> sending packet: from 95.97.183.218[4500] to 84.35.67.198[4500] (108 bytes)
Apr 19 18:00:12 AC-DC1-PE1 charon[1568]: 10[NET] <dmvpn-NHRPVPN-tun0|4765> received packet: from 84.35.67.198[4500] to 95.97.183.218[4500] (108 bytes)
Apr 19 18:00:12 AC-DC1-PE1 charon[1568]: 10[ENC] <dmvpn-NHRPVPN-tun0|4765> parsed INFORMATIONAL_V1 request 1388876512 [ HASH N(DPD_ACK) ]
Apr 19 18:00:13 AC-DC1-PE1 snmpd[1931]: Authentication failed for antech
Apr 19 18:00:14 AC-DC1-PE1 systemd[1]: serial-getty@ttyS0.service: Succeeded.
-- Subject: Unit succeeded
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- The unit serial-getty@ttyS0.service has successfully entered the 'dead' state.
Apr 19 18:00:14 AC-DC1-PE1 systemd[1]: serial-getty@ttyS0.service: Service RestartSec=100ms expired, scheduling restart.
Apr 19 18:00:14 AC-DC1-PE1 systemd[1]: serial-getty@ttyS0.service: Scheduled restart job, restart counter is at 505165.
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Automatic restarting of the unit serial-getty@ttyS0.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Apr 19 18:00:14 AC-DC1-PE1 systemd[1]: Stopped Serial Getty on ttyS0.
-- Subject: A stop job for unit serial-getty@ttyS0.service has finished
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A stop job for unit serial-getty@ttyS0.service has finished.
--
-- The job identifier is 26276095 and the job result is done.
Apr 19 18:00:14 AC-DC1-PE1 systemd[1]: Started Serial Getty on ttyS0.
-- Subject: A start job for unit serial-getty@ttyS0.service has finished successfully
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A start job for unit serial-getty@ttyS0.service has finished successfully.
--
-- The job identifier is 26276095.
Apr 19 18:00:14 AC-DC1-PE1 agetty[13081]: /dev/ttyS0: not a tty
Apr 19 18:00:15 AC-DC1-PE1 charon[1568]: 06[IKE] <dmvpn-NHRPVPN-tun0|4766> sending DPD request
Apr 19 18:00:15 AC-DC1-PE1 charon[1568]: 06[ENC] <dmvpn-NHRPVPN-tun0|4766> generating INFORMATIONAL_V1 request 1357271316 [ HASH N(DPD) ]
Apr 19 18:00:15 AC-DC1-PE1 charon[1568]: 06[NET] <dmvpn-NHRPVPN-tun0|4766> sending packet: from 95.97.183.218[500] to 92.64.242.145[500] (108 bytes)
Apr 19 18:00:15 AC-DC1-PE1 charon[1568]: 13[NET] <dmvpn-NHRPVPN-tun0|4766> received packet: from 92.64.242.145[500] to 95.97.183.218[500] (108 bytes)
Apr 19 18:00:15 AC-DC1-PE1 charon[1568]: 13[ENC] <dmvpn-NHRPVPN-tun0|4766> parsed INFORMATIONAL_V1 request 1252725952 [ HASH N(DPD_ACK) ]
Apr 19 18:00:15 AC-DC1-PE1 charon[1568]: 15[IKE] <dmvpn-NHRPVPN-tun0|4767> sending DPD request
Apr 19 18:00:15 AC-DC1-PE1 charon[1568]: 15[ENC] <dmvpn-NHRPVPN-tun0|4767> generating INFORMATIONAL_V1 request 1637029113 [ HASH N(DPD) ]
Apr 19 18:00:15 AC-DC1-PE1 charon[1568]: 15[NET] <dmvpn-NHRPVPN-tun0|4767> sending packet: from 95.97.183.218[500] to 77.61.155.107[500] (108 bytes)
Apr 19 18:00:15 AC-DC1-PE1 charon[1568]: 09[NET] <dmvpn-NHRPVPN-tun0|4767> received packet: from 77.61.155.107[500] to 95.97.183.218[500] (108 bytes)
Apr 19 18:00:15 AC-DC1-PE1 charon[1568]: 09[ENC] <dmvpn-NHRPVPN-tun0|4767> parsed INFORMATIONAL_V1 request 1293969822 [ HASH N(DPD_ACK) ]
Apr 19 18:00:15 AC-DC1-PE1 opennhrp[28461]: Received Registration Request from proto src 172.16.0.29 to 172.16.0.1
Apr 19 18:00:15 AC-DC1-PE1 opennhrp[13085]: Received peer registration request: 95.97.183.218 84.35.67.198
Apr 19 18:00:15 AC-DC1-PE1 opennhrp[28461]: [172.16.0.29] Peer registration authorized
Apr 19 18:00:15 AC-DC1-PE1 opennhrp[28461]: Removing dynamic 172.16.0.29/32 nbma 84.35.67.198 nbma-nat-oa 192.168.16.100 dev tun0 up expires_in 0:18
Apr 19 18:00:15 AC-DC1-PE1 opennhrp[28461]: Adding dynamic 172.16.0.29/32 nbma 84.35.67.198 nbma-nat-oa 192.168.16.100 dev tun0 up expires_in 0:29
Apr 19 18:00:15 AC-DC1-PE1 opennhrp[28461]: [172.16.0.29] Peer up script: success
Apr 19 18:00:15 AC-DC1-PE1 opennhrp[28461]: NL-ARP(tun0) 172.16.0.29 is-at 84.35.67.198
Apr 19 18:00:15 AC-DC1-PE1 opennhrp[28461]: [172.16.0.29] Peer inserted to multicast list
Apr 19 18:00:15 AC-DC1-PE1 opennhrp[28461]: Sending Registration Reply from proto src 172.16.0.1 to 172.16.0.29 (1 bindings accepted, 0 rejected)
Apr 19 18:00:15 AC-DC1-PE1 opennhrp[28461]: Sending packet 4, from: 172.16.0.29 (nbma 192.168.16.100), to: 172.16.0.1 (nbma 84.35.67.198)
Can you replace one file?⚓ T4350 DMVPN opennhrp spokes dont work behind NAT sudo python3 opennhrp-script-fix.py
Hi All,
Unfortunately that didn’t solved my issue. Still facing the same instabilities.
Hope we can try something else. Notice that we have client sites behind a NAT router and client sites that service NAT on the router with a public IP. The script is runned in our lab is a PPPoE Client with public IP and NAT. The above data is from the lab instance.
If I remember well these issues started when adding spokes behind a NAT router and i had to adjust the configuration for it. Spokes with a public IP had no stability issues in the past.
Hi @Arpanet69 did you configure ESP mode as tunnel or transport?
If you have spokes behind a NAT you should avoid tunnel mode and use transport instead
It seemed to be stable back then so i closed the ticket meanwhile it was unstable
Thanks!
Rufat
April 25, 2022, 6:26pm
13
The PPPoE interface is used here.
Hi Rufat,
We have have different type of connections at different sites. We are facing the same instability issues at sites that has fiber connection and no PPPoE and no NAT.
I will remove the PPPoE client and the NAT from the lab router and move it to the bridge modem. I have a draytek vigor 130 VDSL router as bridge currently. I will test and let you know the outcome.
Thanks!
